To ship log data to MaxCompute, you must grant permissions to a RAM role to ship data and manage shipping jobs.
Overview
Shipping data from Simple Log Service to MaxCompute requires the following types of permissions:
-
Permissions to read and write data: Permission to read data from a logstore and write data to a MaxCompute table.
-
Permissions to manage shipping jobs: Permission to create, delete, modify, and view MaxCompute shipping jobs.
Data read and write permissions
|
Actions |
Authorization method |
Description |
|
Configure permissions to read data from a logstore |
Simple Log Service assumes the |
|
|
Simple Log Service assumes a custom RAM role to read data from the source logstore. |
||
|
Configure permissions to write data to MaxCompute |
Write data to MaxCompute by using a default role (ship data within the same account) |
A MaxCompute shipping job assumes the |
|
Write data to MaxCompute by using a custom role (ship data within the same account) |
A MaxCompute shipping job assumes a custom RAM role to write data from a logstore to a MaxCompute table. |
Permissions to manage shipping jobs
To allow a RAM user to manage shipping jobs, you must grant the required permissions. For more information, see Authorize a RAM user to manage MaxCompute shipping jobs.